Can anyone offer any guidance on what fields would be considered 'required' for inserting a record into the TrackMe 'trackme_host_monitoring' lookup, and if any other supporting lookups would require insert/updates as well?
We have been tasked with host monitoring, and have implemented TrackMe for a few indexes so far.
Our manager wants us to check the TrackMe host activity against a 'source of truth'. For example, our Azure team uses a script to generate a list of all Azure hosts every night at midnight. We're monitoring that list and ingesting it into an index, after which we update a lookup table with the values we need.
We figure that we can run a report each day that compares a list of hosts (in this case, Azure VMs, but this could apply to firewalls, etc.) from our 'source of truth' against the hosts present in TrackMe's trackme_host_monitoring lookup.
The devil is in the details, but at the end of the day we figure we could insert the host into the TrackMe lookup if it wasn't present there. Any advice appreciated.